This Act may be cited as the “Aviation Employee Screening and Security Enhancement Act of 2017”.

In this Act:

(a) In general.—Not later than 180 days after the date of the enactment of this Act, the Administrator, in consultation with the Aviation Security Advisory Committee (established under section 44946 of title 49, United States Code), shall submit to the Committee on Homeland Security of the House of Representatives, the Committee on Homeland Security and Governmental Affairs and the Committee on Commerce, Science, and Transportation of the Senate, and the Comptroller General of the United States a cost and feasibility study of a statistically significant number of Category I, II, and X airports to ensure that all employee entry and exit points that lead to secure areas of such airports are comprised of the following:

(1) A secure door utilizing card and pin entry or biometric technology.

(2) Surveillance video recording, capable of storing video data for at least 30 days.

(3) Advanced screening technologies, including at least one of the following:

(A) Magnetometer (walk-through or hand-held).

(B) Explosives detection canines.

(C) Explosives trace detection swabbing.

(D) Advanced imaging technology.

(E) X-ray bag screening technology.

(b) Contents.—The study required under subsection (a) shall include information related to the employee screening costs of those category I, II, and X airports which have already implemented practices of screening 100 percent of employees entering secure areas of airports, including the following:

(1) Costs associated with establishing an operational minimum number of employee entry and exit points.

(2) A comparison of costs associated with implementing the requirements specified in paragraph (1), based on whether such implementation was carried out by the Administration or airports.

(c) Comptroller General assessment.—

(1) IN GENERAL.—Upon completion of the study required under subsection (a), the Comptroller General of the United States shall review such study to assess the quality and reliability of such study.

(2) ASSESSMENT.—Not later than 60 days after the receipt of the study required under subsection (a), the Comptroller General of the United States shall report to the Committee on Homeland Security of the House of Representatives and the Committee on Homeland Security and Governmental Affairs and the Committee on Commerce, Science, and Transportation of the Senate on the results of the review required under paragraph (1).

(a) Cooperative efforts To enhance airport security awareness.—Not later than 180 days after the date of the enactment of this Act, the Administrator shall work with air carriers, foreign air carriers, airport operators, airport vendors, and airport concessionaires to enhance security awareness of credentialed airport populations regarding insider threats to aviation security and best practices related to airport access controls.

(b) Credentialing standards.—

(1) IN GENERAL.—Not later than 180 days after the date of the enactment of this Act, the Administrator shall, in consultation with air carriers, foreign air carriers, airport operators, vendors, and airport concessionaires, assess credentialing standards, policies, and practices to ensure that insider threats to aviation security are adequately addressed.

(2) REPORT.—Not later than 30 days after completion of the assessment required under paragraph (1), the Administrator shall report to the appropriate congressional committees on the results of such assessment.

(c) SIDA applications.—Not later than 60 days after the date of the enactment of this Act, the Administrator shall revise the application submitted by an individual applying for a credential granting access to the Secure Identification Display Area (as such term is defined in section 1540.5 of title 49, Code of Federal Regulations) of an airport to require the social security number of such individual in order to strengthen security vetting effectiveness.

(a) In general.—The Administrator shall work with airport operators to identify advanced technologies, including biometric identification technologies, for securing employee access to the secure and sterile areas of airports (as such terms are defined in section 1540.5 of title 49, Code of Federal Regulations).

(b) Rap Back vetting.—Not later than 180 days after the date of the enactment of this Act, the Administrator shall ensure that all credentialed aviation worker populations are continuously vetted through the Federal Bureau of Investigation’s Rap Back Service, in order to more rapidly detect and mitigate insider threats to aviation security.

(c) Insider threat education and mitigation.—Not later than 180 days after the date of the enactment of this Act, the Administrator shall identify means of enhancing the Administration’s ability to leverage the resources of the Department of Homeland Security and the intelligence community to educate Administration personnel on insider threats to aviation security and how the Administration can better mitigate such insider threats.

(d) Playbook operations.—The Administrator shall ensure that Administration-led employee screening efforts, known as Playbook operations, are targeted, strategic, and focused on providing the greatest level of security effectiveness.

(e) Covert testing.—

(1) IN GENERAL.—The Administrator shall increase covert testing of employee screening operations at airports and measure existing levels of security effectiveness. The Administrator shall provide to air carriers, foreign air carriers, airport operators, airport vendors, and airport concessionaires—

(A) the results of such testing; and

(B) recommendations based on such results and measurements on how to improve such security screening operations.

(2) ANNUAL REPORTING.—The Administrator shall submit to the appropriate congressional committees an annual report on the frequency, methodology, strategy, and effectiveness of employee screening operations at airports.

(f) Centralized database.—Not later than 180 days after the date of the enactment of this Act, the Administrator, in consultation with the Aviation Security Advisory Committee, shall—

(1) establish a national database of Administration employees who have had either their airport or aircraft operator-issued badge revoked for failure to comply with aviation security requirements;

(2) determine the appropriate reporting mechanisms for airports and air carriers and foreign air carriers to—

(A) submit to the Administration data regarding employees described in paragraph (1); and

(B) access the database established pursuant to such paragraph; and

(3) establish a process that allows individuals whose names were mistakenly entered into such database to have their names removed and have their credentialing restored.

The Department of Homeland Security is the lead interagency coordinator pertaining to insider threat investigations and mitigation efforts at airports. The Department shall make every practicable effort to coordinate with other relevant Government entities when undertaking such investigations and efforts.

Not later than 90 days after the date of the enactment of this Act, the Administrator shall submit to the appropriate congressional committees a plan to conduct recurring reviews of the operational, technical, and management security controls for Administration information technology systems at airports.